|
|
Posted by Baho Utot on 01/22/08 00:52
Jerry Stuckle wrote:
> The Natural Philosopher wrote:
>> Jonas Werres wrote:
>>>> Nothing at all to do with PHP.
>>>
>>> I think you did not understand what I wrote.
>>>
>>> The OP asked if one can spoof the IP address while requesting a
>>> document. Jerry says (correctly) that it would not be possible to get
>>> the answer. That might imply that is IS possible to make a request, but
>>> the answer goes nowhere. That would be enough if the purpose of the
>>> request was e.g. to delete a database by SQL injection. The answer is
>>> unimportant.
>>>
>>> What I said was that I think it is not even possible to make a request
>>> (regardless where the answer would go), because that would require a
>>> connection which cannot be established with a spoofed IP.
>>
>>
>> A request implies an open TCP connection, which implies that a session
>> has been set up.
>>
>
> Not the way TCP/IP works. You can send up to 7 packets before an ACK is
> required by the sender. This is all done by the transport layer, and
> the web server has no idea what's going on.
>
> In that 7 packets you can get several pieces of information. It will go
> to the web server and be processed.
>
> The web server doesn't reply until it gets the HTTP request - which can
> be much later.
>
> If the web server's TCP/IP doesn't get the packet, obviously the ACK
> won't be returned. So after a timeout period, the sender's TCP/IP
> resends it (if, instead, the ACK got lost on the return, it is the web
> server's TCP/IP which sorts it out).
I am missing something....What are you trying to say here?
TCP/IP from a proper stack (non microsoft) requires
Client --- Host
SYN -->
<-- SYN+ACK
ACK -->
to open a connection.
Now data can be exchanged.
Then the 7 packet rule comes into play, you must establish a "connection"
first.
This link may help:
http://www.linuxsecurity.com/resource_files/documentation/tcpip-security.html
[putolin]
--
Dancin in the ruins tonight
Tayo'y Mga Pinoy
[Back to original message]
|